MEMPHIS, TENN (localmemphis.com) – Federal investigators are looking into a cyber-attack that occurred at a Memphis doctor’s office.
According to a new release, an unknown party was able to access two servers at Primary Care Specialists, Inc, located in the 3100 block of Walnut Grove Road.
Adam Berkenstock is the office’s information technology manager. He says the hackers somehow got the log-in and password for the PCS computers on February 27 and accessed the servers containing patient medical records.
These records included patients’ name, date of birth, address, insurance/payment information, social security number and medical information (diagnosis, medications, treatments, etc. ).
Berkenstock says the access lasted less than five minutes, but in that time the hackers were able to encrypt the sensitive information.
Computer specialists say when information is encrypted it makes the information unreadable and unusable.
The hackers demanded money to unlock and make the information readable, according to Berkenstock. They reportedly wanted the money converted into Bitcoin, a form of digital money.
PCS did not give into the demands and alerted the Federal Department of Health and Human Services.
“My medical information should stay private,” said patient Evelyn Boga. “It should remain at the doctor’s office.”
Boga and other patients received letters from the office saying their information may have been compromised.
A portion of the letter read:
“The cyber-criminal responsible for this attack is unable to access or use your information, if you’d like to take additional steps to reduce any potential risk if you’re protected health information, you may place a fraud alert with the credit reporting agency and review your credit reports periodically.”
The office apologized to patients and stated that those responsible have since been locked out of the business’ servers.
PCS has also set up a hotline for patients with questions or concerns. The number to call is 888-750-9219, 9 a.m. to 9 p.m. (Eastern Time).